Many reporting systems, particularly investor reporting systems, restrict access to specific reports and other types of information to specific individuals, organizations, or types of individuals or organizations. Furthermore, it is often desirable to restrict access to specific information to a specific timeframe, such as restricting access to information regarding a transaction until after closing or after the transaction has been audited.
Existing reporting systems, such as BusinessObjects software available from Business Objects SA, however, generally do not provide the level of security often required for providing selective access to information. Generally, the BusinessObjects software provides reporting capabilities for Internet web-sites. The BusinessObjects software executes a structured query language (SQL) query against a database and creates an object that may be displayed via a hyper-text markup language (HTML) document. The BusinessObjects software, however, does not provide any mechanism to apply a set of security rules. The BusinessObjects software assumes that the user has access to the information extracted from the database by the SQL query.
Other systems, such as the CrystalReports software available from Crystal Decisions, provide only a file level of security. Generally, the Seagate software provides a mechanism to apply security rules only on the file level, not the query level. For example, the Seagate software enables an administrator to manually indicate that only a specific individual may access a particular file. If the access privileges for the file change, then the administrator must manually alter the access privileges for the file. Accordingly, the Seagate software does not provide an efficient method of providing selective access to a large number of files, particularly when the access privilege to the files may change based on certain events. Other software includes Impromptu from Cognos, Incorporated and Oracle Discovers from Oracle Corporation.
The shortcomings discussed above are apparent in web-based services where an individual can access a file directly. It is common practice to implement a naming scheme to manage the large volume of reports made available to users of a web site. If an unauthorized individual determines the naming scheme used to manage the reports, however, that individual may enter the file name as part of the HTML address to gain direct access to that file, thereby circumventing the security procedures.
Therefore, there is a need for a reporting system that provides selective access to various reports dependent upon the characteristics of the user and the characteristics of the data. Moreover, there is a need for a reporting system that allows a user to create a template for a report to be created against various databases.